Collision = two different pieces of data (as in sequences of bytes) that have the same sha256 checksum.

Collision attack = an attempt at abusing a collision to make a fake transaction appear valid (because even though the data is forged, its checksum still matches).

There exists an infinite amount of such collisions (since there is an infinite number of possible byte sequences, yet only 2^256 different sha256 hashes) but it's gonna be pretty darn difficult to actually find one. And that's quite an understatement (see the rough calculation posted earlier).

Quote

But it does not sound good.

No worries, it's not a problem whatsoever. First of all cause nobody will be able to find one in the foreseeable future, second because even if somebody accidentally runs into a collision, this is absolutely no threat to Bitcoin by any stretch of the imagination.

Only if someone "breaks" sha256, that is finding a practical way to deliberately generate a piece of data that results in a given sha256, we'd be effed. But as unlikely as it is that somebody will even find just a random accidental single collision (and I'm really talking incredibly, astronomically, EXTREMELY unlikely here), it is still many, MANY orders of magnitude more unlikely that someone will actually break sha256.

Oh and by the way, if someone does break sha256, you can't trust online banking and credit card systems anymore either.

Don't know about Collision attacks, but I've been able to find an 11-character vanity address (the name of my band) easily, while vanitygen claimed it would take millions of years...

this is the address: 1ELECeJompinDox61L73eAUyaWpe3Q5HZB

Am I just lucky?

To successfully prove you found a vanity address, you must actually send some funds from the address, or sign a message with its private key. Can you do that? Otherwise all you have is proof you found a 32-bit collision on the checksum, which anyone can do quickly. Otherwise, claiming something incredible like this as your 1st post is going to draw skepticism.

Assuming you can spend from the address, there is also the theoretical possibility that you vanitygen'd a bunch of 9-character semi-pronounceable strings, picked one that looked the best (especially upper-and-lower-case-wise), and then said "that's my name!", incorporating the two digits "61" into the claim that those were exactly what you were looking for. I mean, you did just create the account minutes before posting.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
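The checksum point made in the reply above, as an added example that is not part of the original thread: Base58Check validation of a version-0 address, and construction of a well-formed address around arbitrary 20 bytes with no key pair behind it. The function names and the sample hash are constructed for illustration.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(payload: bytes) -> bytes:
    """32-bit Base58Check checksum: first 4 bytes of double SHA-256."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58encode(raw: bytes) -> str:
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    # Each leading zero byte is written as a literal '1'.
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError on a non-Base58 character
    zeros = len(text) - len(text.lstrip("1"))
    return b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")

def is_wellformed_p2pkh(addr: str) -> bool:
    """Version byte 0x00, 20-byte hash, matching checksum. Says nothing about keys."""
    try:
        raw = b58decode(addr)
    except ValueError:
        return False
    return len(raw) == 25 and raw[0] == 0 and checksum(raw[:21]) == raw[21:]

def keyless_address(hash160: bytes) -> str:
    """Wrap ANY 20 bytes in a valid-looking address; no key pair is involved."""
    if len(hash160) != 20:
        raise ValueError("hash160 must be 20 bytes")
    payload = b"\x00" + hash160
    return b58encode(payload + checksum(payload))

# Constructed sample: 20 bytes that are not the hash of any known public key.
SAMPLE_HASH160 = hashlib.sha256(b"constructed example").digest()[:20]

if __name__ == "__main__":
    addr = keyless_address(SAMPLE_HASH160)
    print(addr, is_wellformed_p2pkh(addr))           # passes the checksum test
    broken = addr[:-1] + ("2" if addr[-1] != "2" else "3")
    print(broken, is_wellformed_p2pkh(broken))       # one changed character fails
```

Passing this check is all that a posted address string demonstrates; control of the key is shown by spending from the address or signing a message with it, as the reply says.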

OK, you don't believe... Unfortunately I'm in no position to prove this yet, as I don't know how to 'sign a message' and have no BTC to spend...

I do have some questions.

How easy would it be to "vanitygen a bunch of 9-character semi-pronounceable strings and pick one that looks best"?

Or has anyone else been able to vanitygen an 11+ character address (with proper capitalization)? Probably with some sort of supercomputer?

What is the longest vanity address to date?

PS: Of course I just created this forum account, because I thought it was worth replying to this thread.

Unfortunately I'm in no position to prove this yet, as I don't know how to 'sign a message' and have no BTC to spend...

You now have 0.0638 BTC from me... assuming you have the private key to that address. Send it anywhere, and your claim that you own the address is proven correct.

I don't know about the others, but you can have my 10BTC if you can show a sha256 collision. But the bitcoin address is something else, I don't bet about that (yet?).

It is possible you have the keypair for the address with your name in it, but I don't know how you made it. It still is possible for you to have chosen your name because of that address. However, if you really think you can generate a specific address, I can make a new address and put some bitcoins on it. Then I tell you the address and you generate the keypair and have the bitcoins. But if it is possible to do that, why not just choose some used addresses and use the coins on it.

Lol, of course I'm not able to do that, I don't have that kind of superpower... Or it would mean the end of Bitcoin...